mds.rst - OpenGrok cross reference for /linux/Documentation/arch/x86/mds.rst

Lines Matching +full:guest +full:- +full:side
7 --------
9 Microarchitectural Data Sampling (MDS) is a family of side channel attacks
12  - Microarchitectural Store Buffer Data Sampling (MSBDS) (CVE-2018-12126)
13  - Microarchitectural Fill Buffer Data Sampling (MFBDS) (CVE-2018-12130)
14  - Microarchitectural Load Port Data Sampling (MLPDS) (CVE-2018-12127)
15  - Microarchitectural Data Sampling Uncacheable Memory (MDSUM) (CVE-2019-11091)
18 dependent load (store-to-load forwarding) as an optimization. The forward
21 buffers are partitioned between Hyper-Threads so cross thread forwarding is
32 Hyper-Threads so cross thread leakage is possible.
39 exploited eventually. Load ports are shared between Hyper-Threads so cross
48 --------------------
50 It is assumed that attack code resides in user space or in a guest with one
54  - to control the load to trigger a fault or assist
56  - to have a disclosure gadget which exposes the speculatively accessed
57    data for consumption through a side channel.
59  - to control the pointer through which the disclosure gadget exposes the
71 -------------------
87 executed on a CPU without the microcode update there is no side effect
90 This does not protect against cross Hyper-Thread attacks except for MSBDS
91 which is only exploitable cross Hyper-thread when one of the Hyper-Threads
92 enters a C-state.
98 Also macro CLEAR_CPU_BUFFERS can be used in ASM late in exit-to-user path.
101 The mitigation is invoked on kernel/userspace, hypervisor/guest and C-state
116 --------------------------------
137 -----------------
154    exit-to-user path is expected to do that anyways. But, there could be
155    a case when an NMI is generated in kernel after the exit-to-user path
162    3. It would take a large number of these precisely-timed NMIs to mount
170 2. C-State transition
173    When a CPU goes idle and enters a C-State the CPU buffers need to be
175    repartitioning of the store buffer when one of the Hyper-Threads enters
176    a C-State.
183    protected against cross Hyper-Thread attacks because the Fill Buffer and
192    The buffer clear is only invoked before entering the C-State to prevent
193    that stale data from the idling CPU from spilling to the Hyper-Thread
201    in user space or the guest cannot speculatively access them.
204    not cover the legacy ACPI IO-Port mechanism because the ACPI idle driver
207    functionality in microcode. Aside of that the IO-Port mechanism is a